07/01/2014

The SEC has increased its focus on how companies and other market participants are tackling cyber-security threats, and challenged directors to take a more hands-on role in overseeing and managing that risk...

With the SEC’s focus on fuller disclosure of cyber-security risks and the preventative actions taken by companies, boards need to be very mindful of how much time and effort they are spending on cyber security, says Ronald Breaux, a partner at Haynes and Boone, LLP.

“Boards need to document that they’re having regular discussions on these issues, because if you have a company that doesn’t disclose cyber risks and there ends up being a cyber issue, you’re not just risking a serious inquiry from the SEC but a plethora of private lawsuits as well,” he says.

“The old adage in this area is that it’s not a matter of if, but when, and now you can also apply that logic to SEC action and regulation on cyber security,” he says.

Email Disclaimer

Sending an email will not establish an attorney-client relationship. You should not send us any information that you want treated confidentially. By clicking Accept you acknowledge that we may review and use any information you transmit to us.